Can I restrict images used on the site?
The intention of this plugin is to restrict access to downloadable files. While you can restrict access to an image for download, this is different from images that you display on the site. Keep in mind that the way web browsers work is that anything displayed TO the user in the browser has already been downloaded to their computer. Your web browser is not a telescope into another machine on the internet. Anything a user can see in their browser already exists on their machine. You cannot restrict access to an image file AND be able to display it to a user.
That being said, you CAN display a low grade image and/or watermarked image to a user for an image you may be restricting the full high resolution version of.
Can I restrict the entire uploads folder?
No. If you did, it would render the WP media folder structure unusable.
I already have a hundred files in my media folder. Will I have to re-upload them?
The answer used to be no. All files are saved as WordPress “attachment” post types, and have a special post meta value the plugin creates in order to locate the file during the restriction process. In order for this to function properly, you cannot simply move the file through FTP or other direct methods.
However, the 1.6 version of the plugin introduced WP CLI integration (the WordPress Command Line Interface). So if you have shell access to your web server and WP CLI installed, you can use the Download Protect commands in WP CLI to move files in bulk. If your files are contained within WP as “attachments” (i.e. they are in the Media manager), then you can move them in bulk.
Keep in mind this process will always skip all image file mime types (see “Can I restrict images used on the site” above). You can move “all” or you can move files based on their mime type.